Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
25/09/2024, 10:52
General
-
Target
f5d88c2a2a32e68aa27fc5abfaba58bd_JaffaCakes118.pdf
-
Size
86KB
-
MD5
f5d88c2a2a32e68aa27fc5abfaba58bd
-
SHA1
f2536968d59432e233462d715cda49bbaedc05a4
-
SHA256
f6971116a26b5dcfcde3a4faf61b21d317a1b3d01422f6e37ef4fafb518b8d76
-
SHA512
161a30a58cb80e3fa35881a2ee2da3d3429fa54be6dc61659718d91b4a055ab17f0450e34399cc572647f2698723df9c9d63d5d816f23d439abe15ea19dd7328
-
SSDEEP
1536:06y8cDy8BI861PSlmlD4nb26YX0dcOhkB+BhxOjBglnNzr7WDl5y9IA4E65nCFfZ:QLe86GE4b26YX0drh5BTOtglVrY3w658
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f5d88c2a2a32e68aa27fc5abfaba58bd_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5adbf70a71f8d30aa345a321366bdb1ad
SHA17de7784056f730196b29cd31ce8054c1ae68e23b
SHA2561c09ce6018163ed63177f193d3728872686c3d207228d3b3a8bbecf9e50c2001
SHA5129e91af4ed2e9acaca8fd78a92f81e692063ecd7236d00a4a3ce3dd46cca74e69ddc883e45f508673908b790b99693300efd7d450066f70482f104dfe8b844b8a